Security News > 2021 > July > Trickbot updates its VNC module for high-value targets
The Trickbot botnet malware that often distributes various ransomware strains, continues to be the most prevalent threat as its developers update the VNC module used for remote control over infected systems.
Its activity has been increasing constantly since the complete disruption of the Emotet botnet in January, which acted as a distributor for both Trickbot and other high-profile threat actors.
Trickbot has been around for almost half a decade and transitioned from a banking trojan to one of the largest botnets today that sells access to various threat actors.
According to Check Point's telemetry, Trickbot impacted 7% of organizations across the world, followed by the XMRig cryptocurrency miner the Formbook info stealer, which affected 3% of the organizations that Check Point monitors worldwide.
In another report, Romanian cybersecurity company Bitdefender says that its systems caught a new version of Trickbot's VNC module, used after compromising high-profile targets.
The VNC component can stop Trickbot and unload it from memory.